Audit fixes: a bunch of bug fixes from Amy + overhead reduction for
case when no rules are loaded (lazy-audit) from me. The latter speeds
"audit enabled, no rules present" to the level of "audit disabled". The
current tree has about 15--20% overhead for that case on loads like "do a lot
of access(2)"; that gets killed by these patches.
Please, pull from
git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current.git/ audit.b25
diffstat:
fs/namei.c | 8 ++-
include/linux/audit.h | 43 +++++++++++------
include/linux/fsnotify.h | 6 +-
kernel/audit.c | 4 -
kernel/auditfilter.c | 26 ++++++++++
kernel/auditsc.c | 117 ++++++++++++++++++++++++++++++-----------------
6 files changed, 140 insertions(+), 64 deletions(-)
Al Viro:
introduce audit rules counter
mark context of syscall entered with no rules as dummy
don't bother with aux entires for dummy context
take filling ->pid, etc. out of audit_get_context()
Amy Griffis:
fix faulty inode data collection for open() with O_CREAT
fix missed create event for directory audit
fix oops with CONFIG_AUDIT and !CONFIG_AUDITSYSCALL
fix audit oops with invalid operator
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
